<?php

#--------------------------------------------------
# ALL INCLUDES + STANDARD-VALUES
#--------------------------------------------------
include_once ("include/config.inc");
include_once ("include/template.inc");
include_once ("include/class.db.php5");
include_once ("include/class.tools.php5");
$svo = new db("svoptik");
$tools = new tool();

include_once ("include/global_fix_extern.inc");

#--------------------------------------------------
# CREATE TEMPLATE
#--------------------------------------------------
$t = new Template("templates", "keep");
$t->set_file(array (
	"page" => "svoptik_popup.tpl",
	"gb" => "new_gb.tpl"
));
#--------------------------------------------------

$t->set_var(array (
	"FORWARD" => ""
));
#--------------------------------------------------
# CREATE CONTENT "GUESTBOOK"
#--------------------------------------------------
global $gb_name, $gb_text, $gb_email, $update, $err_msg;
$t->set_var(array (
	"NAME" => $gb_name,
	"EMAIL" => $gb_email,
	"TEXT" => $gb_text,
	"MSG" => $err_msg
));

$ip = getenv("HTTP_X_FORWARDED_FOR");
if (empty ($ip))
	$ip = getenv("REMOTE_ADDR");
function CheckIP($ip) {
	global $svo, $table, $gb_name, $gb_text, $gb_email, $update, $err_msg;
	$query = $svo->doSQL("SELECT gb_date FROM " . $table['Guestbook'] . " WHERE gb_ip='" . $ip . "' ORDER BY gb_date DESC LIMIT 1;");
	if ($svo->countRows($query) > 0) {
		$date = $svo->getRecordset($query);
		$array = getdate(time());
		$time = date("Y-m-d H:i:s", mktime($array['hours'], $array['minutes'], $array['seconds'], $array['mon'], $array['mday'] - 1, $array['year']));
	} else {
		$time = 1;
		$date[0] = 0;
	}
	if ($date[0] < $time || !eregi(strtolower("MaL3Rm3!ST3rM4sKUl!n"), strtolower($gb_name)))
		return true;
	else {
		$header = "From: GB auf www.sv-optik.de <webmaster@sv-optik.de>\n";
		$header .= "Reply-To: webmaster@sv-optik.de\n";
		$header .= "X-Mailer: PHP/" . phpversion() . "\n";
		$header .= "X-Sender-IP: " . $ip . "\n";
		$header .= "Content-Type: text/plain";
		$text = "
		--------------------
		NAME : " . $gb_name . "
		EMAIL: " . $gb_mail . "
		TEXT : " . $gb_text . "
		IP   : " . $ip . "
		DATE : " . date("H:i:s d-m-Y") . "
		--------------------
		          ";
		@ mail("webmaster@sv-optik.de", "Versuchter Missbrauch des GB auf www.sv-optik.de von " . $gb_name, $text, $header);
		return false;
	}
}

if (empty ($update))
	$content = $t->parse("", "gb", true);
else {
	$content = "
	      <script language=\"javascript\">
	      <!--
	      function win_close() {
	          opener.location.replace('guestbook.php5');
	          window.close();
	      }
	      //-->
	      </script>
	      ";
	if (empty ($gb_text) || empty ($gb_name) || (!empty ($gb_email) && !ereg("^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@([a-zA-Z0-9-]+\.)+([a-zA-Z]{2,4})", $gb_email))) {
		$t->set_var(array (
			"MSG" => "Bitte &uuml;berpr&uuml;fen Sie Ihre Eingaben!"
		));
		$content .= $t->parse("", "gb", true);
	} else {
		if (checkIP($ip)) {
			if ($svo->doSQL("insert into " . $table['Guestbook'] . " (gb_name, gb_email, gb_text, gb_date, gb_ip) values ('" . $gb_name . "','" . $gb_email . "','" . $gb_text . "','" . date("Y-m-d H:i:s") . "', '" . $ip . "');"))
				$content .= "
				    		        <p align=\"center\" class=\"text\"><br><br><br>Vielen Dank f&uuml;r Ihren Eintrag in unser G&auml;stebuch.<br><br><a href=\"javascript:win_close();\" class=\"text\">Fenster schlie&szlig;en</a></p>
				    		        <p align=\"center\" class=\"text\"><br><br><b>Hinweis:</b> Sie k&ouml;nnen in 24 Stunden wieder<br>einen Eintrag in das G&auml;stebuch machen</p>
				                ";
			else
				$content .= "
						          <p align=\"center\" class=\"text\"><br><br><br>Ihr Eintrag in unser G&auml;stebuch konnte leider nicht vorgenommen werden.<br><br><a href=\"javascript:window.reload();\" class=\"text\">erneut versuchen</a></p>
						          <p align=\"center\" class=\"text\"><br><a href=\"javascript:win_close()\" class=\"text\">Fenster schlie&szlig;en</a></p>
				                ";
		} else
			$content .= "
					          <p align=\"center\" class=\"text\"><br><br>Dies ist ein G&auml;stebuch und kein Forum!!</p>
					          <p align=\"center\" class=\"text\"><br><br>Ihre IP-Adresse wurde geloggt<br>und der Administrator benachrichtigt.</p>
					          <p align=\"center\" class=\"text\"><br><a href=\"javascript:win_close()\" class=\"text\">Fenster schlie&szlig;en</a></p>
			                ";
	}
}

#--------------------------------------------------

#--------------------------------------------------
# PARSE & OUTPUT
#--------------------------------------------------
$t->set_var(array (
	"NAVI" => "<img src=\"standard/spacer.gif\" width=\"10\" height=\"20\" border=\"0\" alt=\"\">",
	"sitenav" => "G&Auml;STEBUCH -> EINTRAGEN",
	"content" => $content
));

$t->parse("ALL", "page", true);
$t->p("ALL");
?>
